diff options
Diffstat (limited to 'configs')
-rw-r--r-- | configs/http.conf.sample | 12 | ||||
-rw-r--r-- | configs/manager.conf.sample | 4 | ||||
-rw-r--r-- | configs/sip.conf.sample | 10 |
3 files changed, 18 insertions, 8 deletions
diff --git a/configs/http.conf.sample b/configs/http.conf.sample index f15c9cf72..9d3769712 100644 --- a/configs/http.conf.sample +++ b/configs/http.conf.sample @@ -52,12 +52,16 @@ bindaddr=127.0.0.1 ; sslbindport=4433 ; port to use - default is 8089 ; sslbindaddr=0.0.0.0 ; address to bind to - default is bindaddr. ; -; sslcert=/tmp/foo.pem ; path to the certificate ; -; To produce a certificate you can e.g. use openssl -; openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem +; sslcert=</path/to/certificate.pem> ; path to the certificate file (*.pem) only. +; sslprivatekey=</path/to/private.pem> ; path to private key file (*.pem) only. +; If no path is given for sslcert or sslprivatekey, default is to look in current +; directory. If no sslprivatekey is given, default is to search sslcert for private key. +; +; To produce a certificate you can e.g. use openssl. This places both the cert and +; private in same .pem file. +; openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem ; - ; The post_mappings section maps URLs to real paths on the filesystem. If a ; POST is done from within an authenticated manager session to one of the ; configured POST mappings, then any files in the POST will be placed in the diff --git a/configs/manager.conf.sample b/configs/manager.conf.sample index 0fd4ccbaa..39585c1de 100644 --- a/configs/manager.conf.sample +++ b/configs/manager.conf.sample @@ -43,9 +43,11 @@ bindaddr = 0.0.0.0 ; sslbindport=5039 ; the port to bind to ; sslbindaddr=0.0.0.0 ; address to bind to, default to bindaddr ; sslcert=/tmp/asterisk.pem ; path to the certificate. +; sslprivatekey=/tmp/private.pem ; path to the private key, if no private given, + ; if no sslprivatekey is given, default is to search + ; sslcert for private key. ; sslcipher=<cipher string> ; string specifying which SSL ciphers to use or not use - ; ;allowmultiplelogin = yes ; IF set to no, rejects manager logins that are already in use. ; ; The default is yes. diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 46ac6e903..a9288817c 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -117,12 +117,16 @@ tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 ; Remember that the IP address must match the common name (hostname) in the ; certificate, so you don't want to bind a TLS socket to multiple IP addresses. -;tlscertfile=asterisk.pem ; Certificate file (*.pem only) to use for TLS connections - ; default is to look for "asterisk.pem" in current directory +;tlscertfile=</path/to/certificate.pem> ; Certificate file (*.pem only) to use for TLS connections + ; default is to look for "asterisk.pem" in current directory + +;tlsprivatekey=</path/to/private.pem> ; Private key file (*.pem only) for TLS connections. + ; If no tlsprivatekey is specified, tlscertfile is searched for + ; for both public and private key. ;tlscafile=</path/to/certificate> ; If the server your connecting to uses a self signed certificate -; you should have their certificate installed here so the code can +; you should have their certificate installed here so the code can ; verify the authenticity of their certificate. ;tlscadir=</path/to/ca/dir> |